EC2 101

Question 1

What is EC2?

Answer 1

A web service that provides resizable compute capacity in the cloud.

Question 2

What is the EC2 On Demand Pricing Model?

Answer 2

Allows for paying a fixed rate by the second/hour with no commitment,

Question 3

What is EC2 Reserved Pricing Model?

Answer 3

Provides reserved capacity with significant discounts on the hourly rate

Question 4

What is EC2 Sport Pricing Model?

Answer 4

Allows for bidding a price for excess instance capacity, providing greater cost savings for applications that have flexible start and end times.

Question 5

What is EC2 Dedicated Hosts Pricing Model?

Answer 5

Physical EC2 servers dedicated for your use.

Question 6

What is the use case for EC2 On Demand?

Answer 6

Applications with short term, spiky, or unpredictable workloads that cannot be interrupted.

Question 7

What is the use case for EC2 Reserved?

Answer 7

Applications with steady state or predictable usage, or those that require reserved capacity.

Question 8

What is the use case for EC2 Spot

Answer 8

Applications with flexible start and end times, are feasible at very low compute costs, or users with urgent computing needs for large amounts of additional capacity.

Question 9

What is the use case for Dedicated Hosts?

Answer 9

Useful for regulatory requirements or licensing that does not support multi tenancy.

Question 10

True or False: If the EC2 Spot instance is terminated by AWS you will not be charged for a partial hour of usage.

Answer 10

True, however if you terminate it yourself, you will be charged for any hour in which the instance ran.

Question 11

True or False: EC2 Termination Protection is turned on by default.

Answer 11

False; it is not turned on by default. Termination Protection protects the EC2 instance from accidental deletion.

Question 12

True or False: On an EBS Backed EC2 instance, the default action is for the root EBS volume to be deleted when the instance is terminated.

Answer 12

True; this can be changed by unchecking the delete on termination box. However, additional volumes are not automatically deleted upon termination by default.

Question 13

Can EBS EC2 Root Volumes of default AMIs be encrypted?

Answer 13

Yes, this can be done during the provisioning of the instance. Additional volume can also be encrypted. Encryption can also be done after the instance has been created.

Question 14

How long does it take for a rule change to a Security Group to take effect?

Answer 14

It takes effect immediately.

Question 15

True or False: All Security Group inbound traffic is blocked by default.

Answer 15

True, rules must be added to allow access to the service the Security Group is managing access to.

Question 16

Are Security Groups Stateful or Stateless?

Answer 16

Security Groups are stateful, meaning that all outbound traffic is allowed, there is no need to define outbound rules.

Question 17

True or False: The is no limit on the number of EC2 instances in a Security Group

Answer 17

True

Question 18

True or False: You can only have one Security Group attached to an EC2 instance.

Answer 18

False; you can have multiple Security Groups attached to an EC2 instance.

Question 19

True or False: Security Groups allow for blocking specific IP Addresses or Ports?

Answer 19

False, while it cannot be explicitly blocked, if a rule does not enable access to a specific port, it is still blocked. Use NACLs for specific blocking.

Question 20

True or False: Security Groups are Universal

Answer 20

False; Security Groups are Regional. If you setup an EC2 instance in a different Region than your Security Group, a new one will need to be created.

Question 21

How can MetaData and UserData about an EC2 instance be obtained?

Answer 21

Metadata, such as public IP address:
curl http://169.254.169.254/latest/meta-data/

Userdata, such as BootStrap scripts:
curl http://169.254.169.254/latest/user-data/

Question 22

What are EC2 Placement Groups?

Answer 22

They are a way of configuring the placement of interdependent EC2 instances on the underlying hardware to meet the need of a specific workload.

• Cluster
• Spread
• Partition

Question 23

What is a Cluster Placement Group?

Answer 23

A grouping of EC2 instances within a single AZ, used for applications that need low network latency and/or high network throughput.

Question 24

What is a Spread Placement Group?

Answer 24

A grouping of instances that are each placed on distinct underlying hardware. They are used for applications that have a small number of critical instances that should be kept separate from each other.

Question 25

What is a Partitioned Placement Group?

Answer 25

A group of instances that are broken into logical subgroups, ex. 9 instances in groups of 3. Each grouping is a partition, and each partition is placed on distinct underlying pieces of hardware. It is used for similar applications as in Spread Placement.

Question 26

True or False: An existing EC2 instance can be placed into a Placement Group.

Answer 26

True; however it must be in the Stopped state, and must be done using the CLI, not the console. Also, you cannot merge Placement Groups.

Question 27

What is the AWS Web Application Firewall?

Answer 27

WAF is web app firewall that allows the monitoring of http and https requests that are forwarded to CloudFront, an Application Load Balancer, or API Gateway, and also allow control of access to content.

Question 28

What can a AWS WAF do?

Answer 28

It can block access from specific IP Addresses, specific countries. It can also block based on request headers, request strings, request lengths, SQL injection, or cross site scripting.

Question 29

Who is responsible for patching and updating EC2 instances?

Answer 29

The user is responsible for updating and patching the OS.